Privacy and Cookie Policy

Privacy and Cookie Policy

Data aktualizacji: 30 April 2025
Data wejścia w życie: 30 April 2025

I. Personal Data Controller

The controller of your personal data (hereinafter: “Personal Data”) processed in connection with your use of the website www.gruz-assistance.pl (hereinafter: the “Website”) is Skiper Sp. z o.o. (hereinafter: “Skiper”), with its registered office in Warsaw (04-993), at Poematu Street 6/50, NIP: 5253009844, email address: info@gruz-assistance.pl.

The Website may include links to websites of other entities. To learn how your Personal Data is processed by these entities, please consult the privacy policies made available by them.

II. Purposes and Legal Basis of Processing

We may process your Personal Data in the following situations:

• when you place an order (enter into a cooperation agreement with us or an agreement for BDO compliance services)
• when we collect your feedback regarding placed orders and our Website
• when you contact us (including via phone, email, or social media)
• when we carry out marketing and promotional activities
• when we process payments for our services
• when you visit our Website and data is collected through the use of cookies

If you contact us, we process your Personal Data for the purpose of communicating with you and responding to your message — the legal basis for such processing is Skiper’s legitimate interest (Article 6(1)(f) of the RODO(GDPR)).

If you use the contact form available on the Website or contact us by other means for the purpose of entering into a contract, the legal basis for processing your Personal Data depends on whether you are acting on your own behalf or on behalf of an entity you represent.
If you are to be a party to the contract concluded with Skiper, the legal basis for processing your Personal Data is the necessity to take steps at your request prior to entering into the contract (Article 6(1)(b) of the GDPR).
If the contract is to be concluded with the entity you represent, we process your Personal Data for the purpose of entering into an agreement between Skiper and the entity you represent, which constitutes our legitimate interest (Article 6(1)(f) of the RODO(GDPR)).

We may also process your Personal Data for the purpose of:

• complying with Skiper’s legal obligations (e.g., tax, accounting, etc.) – the legal basis for processing your Personal Data in this case is the fulfillment of legal obligations incumbent upon the controller (Article 6(1)(c) of the RODO (GDPR)),
• defending against potential claims and, if necessary, pursuing claims – the legal basis for such actions is Skiper’s legitimate interest (Article 6(1)(f) of the RODO (GDPR)).Defending against potential claims and, if necessary, pursuing claims – the legal basis for such actions is Skiper’s legitimate interest (Article 6(1)(f) of the RODO(GDPR)).
  
  

If you contact us via the form available on the Website, we process the Personal Data provided in that form as well as any additional information shared with us during subsequent communication between you and Skiper. This data includes, in particular, your name and surname, phone number, email address, tax identification number (NIP), and information related to the subject of the order.

III. Placing Orders

When you place orders on our website, we process information related to those orders and the performance of service contracts. In order to conclude and perform a service agreement, we will require certain Personal Data, such as your name, email address, phone number, mailing address, and billing details. Providing this data is voluntary; however, some of it is necessary to enter into a service agreement, and failure to provide the required information may result in the inability to conclude such an agreement.

The legal basis for processing Personal Data depends on whether you are acting on your own behalf or on behalf of an entity you represent. If you are to be a party to the contract concluded with us, the legal basis for processing your Personal Data is the conclusion and proper performance of the service agreement (Article 6(1)(b) of the RODO (GDPR)).

If the contract is to be concluded with the entity you represent, we process the Personal Data for the purpose of entering into an agreement between the Controller and the entity you represent, which constitutes our legitimate interest (Article 6(1)(f) of the RODO (GDPR)).

Certain Personal Data may also be processed for the purpose of handling and pursuing claims, as well as for fulfilling legal obligations arising from applicable laws, such as tax or accounting regulations. The legal basis for such processing is, respectively, our legitimate interest (Article 6(1)(f) of the GDPR) or the necessity to fulfill a legal obligation (Article 6(1)(c) of the RODO (GDPR)).

Personal Data related to the concluded service agreement is processed for the period necessary to perform the contract and, as a rule, for up to 7 years thereafter, primarily due to tax law requirements.

Personal Data processed on the basis of our legitimate interest may be retained until an objection to its processing is raised, unless—despite the objection—we determine that there are compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or that the processing is necessary for the establishment, exercise, or defense of legal claims.

These periods may be appropriately extended in the event of claims being filed or legal proceedings being initiated—for the duration of such proceedings and their resolution—as well as if legal regulations require us to process the data for a longer period.

IV. Collecting Feedback

If you place an order through our Website, we may ask you to provide feedback regarding our Website and the services we have delivered after the transaction has been completed.

In connection with collecting feedback, we may process your personal data necessary to send a request for your opinion (in particular your name, information regarding the concluded agreement, and email address). If you choose to provide feedback, we will also process the data contained in its content.

The purpose of processing your data is to assess user satisfaction with our Website and the services we provide. This allows us to develop and improve the quality of our operations, which constitutes our legitimate interest (Article 6(1)(f) of the RODO (GDPR)).

Providing feedback is entirely voluntary. The feedback may include a rating, photo, or review related to the Website or the services covered by the order.

Submitting feedback must not be used by the user for unlawful activities, particularly actions that constitute unfair competition against Skiper, or actions that infringe upon the personal rights, intellectual property rights, or any other rights of Skiper or third parties.

Feedback may only be submitted by a user who has placed an order through the Website. It is prohibited to enter into fictitious or sham service agreements for the purpose of posting a review. The author of a review may not be Skiper or any of its employees, regardless of their form of employment.

User-submitted reviews may be published on the Website or on the websites of our partners who support us in collecting such feedback (in such cases, the identity of the specific partner will always be disclosed in the feedback request).

We process Personal Data related to feedback collection for the period necessary to send a request for feedback and—if the feedback is provided—for as long as it is displayed on our Website or on the website of our partner supporting us in collecting user reviews. The submitted review may be deleted by its author at any time.

These periods may be appropriately extended in the event of claims being filed or legal proceedings being initiated—for the duration of such proceedings and their resolution—as well as if legal regulations require us to process the data for a longer period.

V. Contact

If you contact us, the scope of data processed by SKIPER depends on the chosen method of communication and the information you choose to provide during the exchange. SKIPER may process, in particular, the following data: your name and surname, phone number, email address, job title, employing entity, IP address, social media used to initiate contact, and the content of the communication.

If you contact us, we process your Personal Data primarily for the purpose of communicating with you and responding to your message, as well as for handling and pursuing any potential claims. The legal basis for such processing is SKIPER’s legitimate interest (Article 6(1)(f) of the RODO (GDPR)).

It may also happen that your Personal Data will be used to conclude an appropriate agreement with you, or—if an agreement is already in place—for its execution. In such cases, the legal basis for processing your data will be Article 6(1)(b) of the RODO (GDPR) – taking steps at the request of the data subject prior to entering into a contract, or processing necessary for the performance of an existing contract.

Providing Personal Data is voluntary, but necessary to enable communication.

Your Personal Data provided in the course of contacting us will be processed for the time necessary to respond and, if applicable, to conduct further correspondence, and thereafter until the expiration of the limitation period for any potential claims.

Personal Data processed on the basis of our legitimate interest may be retained until an objection to its processing is raised, unless—despite the objection—we determine that there are compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or that the processing is necessary for the establishment, exercise, or defense of legal claims.

These periods may be appropriately extended in the event of claims being filed or legal proceedings being initiated—for the duration of such proceedings and their resolution—as well as if legal regulations require us to process the data for a longer period.

VI. Source and Reasons for Disclosure of Personal Data

We have received the Personal Data directly from you or from the entity you represent. Providing Personal Data is voluntary, but necessary to establish contact and maintain communication with Skiper, including via the contact form available on the Website

VII. Recipients or Categories of Recipients of Personal Data

Personal Data may be disclosed to entities with whom Skiper cooperates as part of its ongoing operations, in particular to subcontractors performing services under a service agreement concluded with you or the entity you represent. Personal Data may also be shared with entities such as IT service providers, as well as providers of legal, accounting, advisory, and marketing services. In addition, data may be disclosed to entities supporting us in assessing user satisfaction with our Website and the services we provide (depending on the current functionalities of the Website). All such entities will be granted access only to the Personal Data necessary to perform their specific tasks.

If such functionality is made available by Skiper and you choose to submit a review regarding Skiper that is published on the Website or on the website of our partner supporting us in collecting feedback, the range of recipients of the personal data included in that review will be unlimited.

We may also be required to provide certain information to public authorities in connection with proceedings conducted by them, but only on the basis of and to the extent permitted by the applicable legal grounds.

VIII. Duration of Personal Data Processing

Your Personal Data provided in the course of contacting us will be processed for the time necessary to respond and, if applicable, to conduct further correspondence, and thereafter until the expiration of the limitation period for any potential claims.

Personal Data provided to us in connection with the conclusion of an agreement with Skiper will be processed for the period necessary to conclude the agreement and—if such agreement is entered into—for the duration of its validity, and thereafter:

• for the period and to the extent required by applicable laws and regulations (e.g., tax and accounting regulations);
• for the period during which claims arising from the agreement may become time-barred.

Personal Data related to feedback collection may be processed for the time necessary to send a request for feedback and—if the feedback is provided—for as long as it is displayed on our Website or on the website of our partner supporting us in collecting user reviews. The submitted review may be deleted by its author at any time.

These periods may be appropriately extended in the event of claims being filed or legal proceedings being initiated—for the duration of such proceedings and their resolution—as well as if legal regulations require us to process the data for a longer period.

IX. Rights of the Data Subject

The data subject has the following rights (under the conditions set out in applicable regulations):
1. the right to access their personal data;
2. the right to rectify their data;
3. the right to erase their data;
4. the right to restrict processing;
5. the right to data portability;
6. the right to object to the processing of their data;
7. the right to lodge a complaint with a supervisory authority;
8. the right to withdraw consent at any time (without affecting the lawfulness of processing based on consent before its withdrawal, where processing is based on consent).

X. Automated Decision-Making

Personal Data will not be used for decision-making based solely on automated processing, including profiling.

XI. Transfer of Data Outside the European Economic Area (EEA)

Personal Data may be transferred to our partners located outside the European Economic Area (EEA), but only to the extent necessary for these partners to provide services supporting Skiper’s operations (e.g., IT services). The security of Personal Data is ensured by the safeguards we implement, including standard contractual clauses approved by the European Commission. You may obtain a copy of the safeguards related to the transfer of Personal Data to countries outside the EEA by using the contact details provided above.

XII. Cookies

Skiper uses cookies that are stored on your end device. Cookies collect various types of information which, as a rule, do not constitute Personal Data (they do not allow you to be identified). However, some information, depending on its content and the way it is used, may be attributed to a specific individual and thus be considered Personal Data. The provisions of this document relating to Personal Data shall apply accordingly to such information.

The Website uses two main types of cookies: “session cookies” and “persistent cookies.” Session cookies are temporary files stored on your end device until you close your browser. Persistent cookies remain on your device for the duration specified in the cookie parameters or until you delete them.

Cookies used on the Website:

Name	Description	Expiration time
_ga	Used for user identification.	2 years
_gat	Limits the number of requests sent during periods of increased traffic.	1 minute
_gid	Used for user identification.	24 hours
cookielawinfo-checkbox-necessary	Stores information about the user’s consent to cookies categorized as “Necessary.”	365 days
CookieLawInfoConsent	Stores information about the consents given for the use of cookies.	11 months
viewed_cookie_policy	Stores information on whether the user has given consent to the use of cookies.	11 months

Skiper may allow other entities (e.g., providers of so-called “social plugins”) to use cookie mechanisms on the Website. More information about the cookies used by these entities can be found in their respective privacy and cookie policies.

If the use of cookies is necessary for the operation of the Website, the legal basis for our actions is Article 173(3)(2) of the Telecommunications Law (necessity for the provision of an electronic service). When visiting the Website, depending on its current functionalities, you may also give consent for us to use cookies that are not essential for its operation but allow us to improve the quality of the Website. In such cases, the legal basis for our use of these cookies is your voluntary consent.

Data collected in connection with our use of cookies is stored for the maximum periods indicated in the table above.

You may change your cookie settings, delete, or block cookies at any time by using the settings of your web browser or mobile device. Cookies are not harmful to your device, but restricting their use may affect the proper functioning of the Website; therefore, we recommend not disabling cookie support in your browser.

^[1] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) of 27 April 2016.